Auditing â Counting Votes. Page 38. The Future o Ethereum o Zk-SNARK extension o Zcash over Ethereum (ZOE). Page 39. 146.47%?. How many times did ...
Internet Voting Using Zcash Pavel Tarasov
Why? o Cheaper voting alternative o Most voting protocols are complicated o Get more young people to vote o Blockchain offers inherent security and requires new approach
Why?
= 146.47%?
A little bit about Blockchains o Decentralised o Immutable o Connected together by blocks o Every participant has a copy
o Zero Coins (ZEC) as currency o 2 address types oAnonymous transactions oPublic transactions
o Zero Knowledge Proving System
Bitcoin At A Glance
Zcash At A Glance
ZEC – Zero Coin o Can be shielded or transparent, depending on the address used. o Consists of a tuple (𝑎𝑝𝑘 , 𝑣, 𝜌, 𝑟) o 𝑎𝑝 𝑘 − paying key of the recipient o 𝑣 – value of the ZEC o 𝜌 – value used to derive the nullifier o 𝑟 – value used for the commitment trapdoor
Zcash Addresses o 2 Types: o 𝑡 − addresses o 𝑧 − addresses
Zcash Addresses o 2 Types: o 𝑡 − addresses o 𝑧 − addresses
o 𝑡 − addresses o Used for public transactions o Don’t hide transaction details o Exactly like Bitcoin address
Zcash Addresses o 2 Types: o 𝑡 − addresses o 𝑧 − addresses
o o o o
o 𝑧 − addresses o Used for shielded transactions o Completely private transactions
Zcash Addresses cont. o Combination of keys used at different stages
Zcash Transactions o Allows transparent and private transactions
o Private part holds shielded ZEC
o Transparent part holds public ZEC
Adapted from z.cash
ZEC ciphertext o Secret random values used to generated ZEC o Must be passed on when sending ZEC o Has the form 𝒗, 𝝆, 𝒓, 𝒎𝒆𝒎𝒐 where: o 𝒗 – the value of the ZEC o 𝝆 – value used to derive the nullifier o 𝒓 – value used for the commitment trapdoor o 𝒎𝒆𝒎𝒐– value used in agreement between sender and receiver
Zero Knowledge Problem Statement How can I prove to you that I know a secret value that satisfies a particular function? zk-SNARK o Zero Knowledge Succinct Non-interactive Arguments of Knowledge o Generate a proof given a program
zk-SNARKs
zk-SNARKs Given a program and a secret value - generate 2 keys
zk-SNARKs Given a program and a secret value - generate 2 keys
Create Proof based on a public value, proving key and secret value
zk-SNARKs Given a program and a secret value - generate 2 keys
Create Proof based on a public value, proving key and secret value Verify proof from prover given verification key, proof and public value
zk-SNARK in Zcash o Brings the above together o Proves that: 1.
Total Input values = total output values in transaction
2. Prover knew spending key of the input ZEC 3. The nullifier and commitment have been calculated correctly
o And more…
Voting System Steps 1. Registration 2. Invitation
3.
Voting
4.
Tally/Audit
Voting System Overview Registration
Invitation
Voting
The Tally
Voter Registration
Poll invitation
Voting
Implementation Variants o Variant 1 - Voter sends vote to candidate’s t address: o Preserved linkability of every coin o Transactions are completely transparent o Candidate vote balances can be seen at all times
Implementation Variants o o o
o Variant 2 - Voter sends vote to candidate’s z address: o Involves key establishment
o Transaction is private and cannot be seen by anyone except the parties involved o Audit of the votes is not completely transparent
Auditing – Counting Votes
The Future o Ethereum o Zk-SNARK extension o Zcash over Ethereum (ZOE)